Menu
▾
▴
Re: [Unity-idm-discuss] configure SLO
|
From: Marcus H. <ha...@ki...> - 2021-12-01 10:46:11
|
On 01. Dec 2021 11:08, Sander Apweiler wrote: > Hi Krzysztof, > in past we did not support/use SLO due most user did not want to logged > out on all services if the logout from one. This opinion is changing > especially on the user who are the managers. I'd express it more like: There is a 2nd use-case coming up. I.e. we may need two different ways to log out: 1: Log out of Unity 2: Log out of all sessions (e.g. at the end of a guest session of somebody elses computer) I think two different buttons (unity-logout and global-logout) would be best. M. > We did not change any attributes from the default unity config. Can you > give us a hint which attributes must be configured to perform SLO? Of > course we must configure the SLO endpoints of the accepted SPs. The SLO > endpoints from the upstream IdPs should be fetched from the metadata > file, if they are provided within. Is this assumption correct? > Beside of this, do we only need to configure > - unity.saml.requester.sloPath=/SLO-WEB > - unity.saml.requester.sloRealm=defaultRealm > > I guess unityServer.core.logoutMode is only for clicking on the logout > button on unity. But also here we recognized using the default value > internalAndSyncPeers doesn't you logout from the IdP. But maybe this is > also not working because we did not enable SLO. > > Best regards, > Sander > -- > Federated Systems and Data > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Volker Rieke > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Astrid Lambrecht, > Prof. Dr. Frauke Melchior > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss -- Marcus. |
